[Openswan Users] How do I sniff for decrypted packets

Jonah Wittkamper jonah at distributivenetworks.com
Mon Jan 26 18:04:49 EST 2009


I am running Openswan 2.4.9-r1

 

My only interfaces are eth0, eth1 and lo.

 

My vpn tunnel comes up but the back-and-forth has been an issue.  To
diagnose I need to sniff incoming packets, after they've been deleted.  

 

By running tcpdump on eth0 I can see ESP packets, but I can't see
decrypted packets.  My research on this mailing list suggests that I
should see both encrypted and decrypted packets, but I only see
encrypted ones.  

 

I thought turning on debug options would help log sufficient traffic
information to help, but it doesn't.

 

How am I supposed to sniff decrypted incoming packets?

 

Jonah

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090126/096da56d/attachment.html 


More information about the Users mailing list